CVE-2024-47706

In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq-bic with merge chain 1 initial state, three tasks: Process 1 Process 2 Process 3 BIC1 BIC2 BIC3 | Λ | Λ | Λ | | | | | | V | V | V | bfqq1 bfqq2 bfqq3 process ref: 1 1 1 2 bfqq1 merged to bfqq...

VSO ConvertXtoDvd Code Issue Vulnerability

VSO ConvertXtoDvd is a software from VSO that can convert video to any format. A code issue vulnerability exists in VSO ConvertXtoDvd version 7.0.0.83, which stems from a function avcodec.dll in the file ConvertXtoDvd.exe that results in an uncontrolled search path. No details of the vulnerabilit...

IBM WebSphere Application Server Code Issue Vulnerability (CNVD-2024-43186)

IBM WebSphere Application Server WAS is an application server product from International Business Machines IBM. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. A code issue vulnerability exists in IBM WebSphere...

Juniper Networks Junos OS 代码问题漏洞

Juniper Networks Junos OS is a Juniper Networks, Inc. network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A code issue vulnerability exists in Juniper Networks Junos OS that stems from a null pointer...

Adobe Framemaker Code Issue Vulnerability (CNVD-2024-40917)

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. A code issue vulnerability exists in Adobe Framemaker. An attacker could exploit this vulnerability to execute...

Adobe Framemaker Code Issue Vulnerability (CNVD-2024-40916)

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. A code issue vulnerability exists in Adobe Framemaker. An attacker could exploit this vulnerability to execute...

Adobe InCopy Code Issue Vulnerability (CNVD-2024-40920)

Adobe InCopy is a text editing software for creative writing from the American company Audobee Adobe. Adobe InCopy suffers from a code issue vulnerability that originates from the unrestricted upload of dangerous types of files. An attacker could exploit the vulnerability to execute arbitrary cod...

Adobe Framemaker 代码问题漏洞

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. A code issue vulnerability exists in Adobe Framemaker. An attacker could exploit this vulnerability to execute...

Intelbras InControl 代码问题漏洞

Intelbras InControl is an access control management software from Intelbras that allows users to easily manage any ingress and egress traffic using access control devices. A code issue vulnerability previously existed in Intelbras InControl version 2.21.56, which stemmed from an issue contained i...

CIRCUTOR Q-SMT 代码问题漏洞

CIRCUTOR Q-SMT is an industrial hardware device from CIRCUTOR, Inc. A code issue vulnerability exists in CIRCUTOR Q-SMT version 1.0.4, which stems from the use of tokens that do not have an expiration date, which allows an attacker to steal tokens and gain unrestricted access to a web application...

Intel Raid Web Console 代码问题漏洞

Intel Raid Web Console is a web-based, Intel Corporation USA application that provides monitoring, maintenance, troubleshooting, and configuration capabilities for Intel RAID products. Intel Raid Web Console has a code issue vulnerability that stems from the inclusion of an uncontrolled search pa...

H2O 代码问题漏洞

H2O is an in-memory platform for distributed, scalable machine learning open-sourced by H2O.ai. A code issue vulnerability exists in H2O-3 version 3.46.0.4, which stems from the fact that incorrect manipulation of the parameter query can lead to deserialization...

Ivanti Endpoint Manager Code Issue Vulnerability

Ivanti Endpoint Manager EPM is a suite of endpoint security managers from Ivanti, USA. A code issue vulnerability exists in Ivanti Endpoint Manager version 2024 and 2022 SU5 and earlier versions, which arises from deserialization of untrusted data and allows remote unauthenticated attackers to...

SolarWinds Access Rights Manager 代码问题漏洞

SolarWinds Access Rights Manager is a lightweight review management system from SolarWinds, Inc. A code issue vulnerability exists in SolarWinds Access Rights Manager that originates from allowing an authenticated user to abuse the service, which could result in remote code execution...

SAP BusinessObjects Business Intelligence Platform 代码问题漏洞

SAP BusinessObjects Business Intelligence Platform is a complete business analytics platform from SAP. The platform combines market-leading SAP data integration products, data management products, and business intelligence BI products to eliminate system integration challenges and quickly and...

Monero: A peer can remotely fill the pending block queue to an extremely high size, with blocks that will never leave the queue.

The pending block queue in the Monero cryptocurrency protocol could be remotely filled to an extremely high size, up to approximately 54 GB, with blocks that would never leave the queue. This was possible due to lax rules in the synchronization code that allowed the queue size limit to be bypasse...

SourceCodester Zipped Folder Manager App 代码问题漏洞

SourceCodester Zipped Folder Manager App is an open source zipped folder manager application from SourceCodester. A code issue vulnerability exists in version 1.0 of the SourceCodester Zipped Folder Manager App that stems from improper handling of the parameter folder, resulting in unrestricted...

Microsoft Windows 代码问题漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A code issue vulnerability exists in Microsoft Windows. An attacker could use this vulnerability to cause a denial of service. The following products and versions are affected:Windows 10...

SAP BusinessObjects Business Intelligence Platform 代码问题漏洞

SAP BusinessObjects Business Intelligence Platform is a complete business analytics platform from SAP. The platform combines market-leading SAP data integration products, data management products, and business intelligence BI products to eliminate system integration challenges and quickly and...

Wanglong LTcms 代码问题漏洞

Wanglong LTcms is an enterprise website builder from China's Wanglong company. A code issue vulnerability exists in Wanglong LTcms version 1.0.20, which stems from an incorrect operation of the parameter file that can lead to server-side request forgery...